Update anti-malware-protection-for-spo-odfb-teams-about.md

Author: chrisda

defender-office-365/anti-malware-protection-for-spo-odfb-teams-about.md

@@ -16,10 +16,10 @@ ms.assetid: e3c6df61-8513-499d-ad8e-8a91770bff63
 ms.collection:
   - m365-security
   - tier2
-description: Learn about how SharePoint detects viruses in files that users upload and prevents users from downloading or syncing the files.
+description: Learn about how SharePoint, SharePoint Embedded, OneDrive, and Microsoft Teams detect viruses in uploaded files and prevent users from downloading or syncing the files.
 ms.custom: seo-marvel-apr2020
 ms.service: defender-office-365
-ms.date: 06/09/2023
+ms.date: 06/17/2025
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Exchange Online Protection</a>
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
@@ -35,14 +35,14 @@ Microsoft 365 uses a common virus detection engine for scanning files that users
 > [!IMPORTANT]
 > The built-in anti-virus capabilities are a way to help contain viruses. They aren't intended as a single point of defense against malware for your environment. We encourage all customers to investigate and implement anti-malware protection at various layers and apply best practices for securing their enterprise infrastructure.
 
-## What happens if an infected file is uploaded to SharePoint, SharePoint Embedded, OneDrive, or from Teams?
+## What happens if an infected file is uploaded to SharePoint, SharePoint Embedded, OneDrive, or from Microsoft Teams?
 
-The Microsoft 365 virus detection engine scans files asynchronously (at some time after upload). If a user tries to download a file in a web browser or from Teams that hasn't been scanned, a scan is triggered before the download is allowed. **All files are not automatically scanned**. Antimalware heuristics determine the files to scan. When a file is found to contain a virus, the file is flagged as containing malware.
+The Microsoft 365 virus detection engine scans files asynchronously (at some time after upload). If a user tries to download a file in a web browser or from Microsoft Teams that hasn't been scanned, a scan is triggered before the download is allowed. **All files are not automatically scanned**. Anti-malware heuristics determine the files to scan. When a file is found to contain a virus, the file is flagged as containing malware.
 
 Here's what happens:
 
-1. A user uploads a file to SharePoint, SharePoint Embedded, OneDrive, or from Teams.
-2. SharePoint using the common M365 antimalware engine, as part of its virus scanning processes, later determines if the file meets the criteria for a scan.
+1. A user uploads a file to SharePoint, SharePoint Embedded, OneDrive, or from Microsoft Teams.
+2. SharePoint using the common Microsoft 365 anti-malware engine, as part of its virus scanning processes, later determines if the file meets the criteria for a scan.
 3. If the file meets the criteria for a scan, the virus detection engine scans the file.
 4. If a virus is found within the scanned file, the virus engine sets a property on the file that indicates the file is infected.
 
@@ -59,7 +59,7 @@ For instructions, see [Use SharePoint Online PowerShell to prevent users from do
 
 ## Can admins bypass *DisallowInfectedFileDownload* and extract infected files from SharePoint or OneDrive?
 
-SharePoint administrators and M365 Global administrators<sup>\*</sup> are allowed to do forensic file extractions of malware-infected files from SharePoint Online PowerShell with the [Get-SPOMalwareFileContent](/powershell/module/sharepoint-online/get-spomalwarefilecontent) cmdlet. Admins don't need access to the site that hosts the infected content. As long as the file is marked as malware, admins can use **Get-SPOMalwareFileContent** to extract the file.
+Members of the SharePoint Administrator or Global Administrator roles in Microsoft Entra ID<sup>\*</sup> are allowed to do forensic file extractions of malware-infected files from SharePoint Online PowerShell with the [Get-SPOMalwareFileContent](/powershell/module/sharepoint-online/get-spomalwarefilecontent) cmdlet. Admins don't need access to the site that hosts the infected content. As long as the file is marked as malware, admins can use **Get-SPOMalwareFileContent** to extract the file.
 
 For more information about the infected file, admins can use the **[Get-SPOMalwareFile](/powershell/module/sharepoint-online/get-spomalwarefile)** cmdlet to see the type of malware that was detected and the status of the infection.
 
@@ -68,11 +68,11 @@ For more information about the infected file, admins can use the **[Get-SPOMalwa
 
 ## What happens when the OneDrive sync client tries to sync an infected file from SharePoint or OneDrive?
 
-When a malicious file is uploaded to SharePoint or OneDrive, the file may be synced to the local machine before being marked as malware. After the file is marked as malware, the user can't open the synced file from their local machine.
+When a malicious file is uploaded to SharePoint or OneDrive, the file might be synced to the local machine before being marked as malware. After the file is marked as malware, the user can't open the synced file from their local machine.
 
 ## Extended capabilities with Microsoft Defender for Office 365
 
-Microsoft 365 organizations that have [Microsoft Defender for Office 365](mdo-about.md) included in their subscription or purchased as an add-on can enable Safe Attachments for SharePoint, SharePoint Embedded, OneDrive, and Teams for enhanced reporting and protection. For more information, see [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](safe-attachments-for-spo-odfb-teams-about.md).
+Microsoft 365 organizations that have [Microsoft Defender for Office 365](mdo-about.md) included in their subscription or purchased as an add-on can enable Safe Attachments for SharePoint, SharePoint Embedded, OneDrive, and Microsoft Teams for enhanced reporting and protection. For more information, see [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](safe-attachments-for-spo-odfb-teams-about.md).
 
 ## Related articles